SharePoint Online: Find All Lists with Unique Permissions using PowerShell

Requirement: Get All Lists and Libraries with Unique Permissions using PowerShell.

How do you check if a list uses Unique permissions or inherits permissions from the parent?

To get if a list or library has unique permissions, follow these steps:

  1. Navigate to the list and then go to List or Library Settings.
  2. Click on the “Permissions for this List/Document library” link on the List settings page.
  3. The list settings page provides information on whether the list has unique permissions. If the list or library has unique permissions, you’ll get the text “This list/library has unique permissions”; otherwise, “This list/library inherits permissions from its parent.”
    sharepoint online find unique permission lists

Check If the List or Library has Unique Permissions using PowerShell: 

Let’s check if the given list has unique permissions.

#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"

#Define Parameter values
$SiteURL="https://crescent.sharepoint.com/sites/retail"
$ListName="Documents"

#Setup Credentials to connect
$Cred= Get-Credential
$Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)

#Setup the context
$Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
$Ctx.Credentials = $Credentials
        
#Get the List
$List = $Ctx.Web.Lists.GetByTitle($ListName)
$Ctx.Load($List)
$Ctx.ExecuteQuery()

#Check if list has unique permissions
$List.Retrieve("HasUniqueRoleAssignments")
$Ctx.ExecuteQuery()

Write-Host "List has Unique Permissions?": $List.HasUniqueRoleAssignments

Find All Lists and Libraries with Unique Permissions in a SharePoint Online Site:

Let’s modify the script a bit to get all unique permission-ed lists and libraries from a SharePoint Online site.

#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"

#Define Parameter values
$SiteURL="https://crescent.sharepoint.com"

Try {
    #Setup Credentials to connect
    $Cred= Get-Credential
    $Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)

    #Setup the context
    $Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
    $Ctx.Credentials = $Credentials
        
    #Get All Lists of the web
    $ListCollection = $Ctx.Web.Lists
    $Ctx.Load($ListCollection)
    $Ctx.ExecuteQuery()

    #Iterate through each list - Ignore Hidden Lists
    ForEach($List in $ListCollection | Where {$_.Hidden -eq $False})
    {
        #Check if list has unique permissions
        $List.Retrieve("HasUniqueRoleAssignments")
        $Ctx.ExecuteQuery()
        If($List.HasUniqueRoleAssignments -eq $true)
        {
            Write-Host -f Green "List '$($List.Title)' has Unique Permissions"
        }
        else
        {
            Write-Host -f Yellow "List '$($List.Title)' is inhering Permissions from the Parent"
        }
    }
}
Catch {
    write-host -f Red "Error Checking Unique Permissions!" $_.Exception.Message
}

PnP PowerShell: Get All Lists and Libraries with Unique Permission

This time, let’s get all lists and libraries with unique permissions from a SharePoint Online site collection.

#Function to Get Lists and Libraries with Unique Permission from a Site collection
Function Get-UniquePermissionLists($SiteURL)
{
    #Connect to SharePoint Online Site from PnP Online
    Connect-PnPOnline -Url $SiteURL -Interactive

    #Function to Get Lists with Unique Permissions from the web
    Function Get-PnPUniquePermissionLists([Microsoft.SharePoint.Client.Web]$Web)
    {
        Write-host "Searching Lists and Libraries with Unique Permissions at:"$Web.Url -f Yellow
        Connect-PnPOnline -Url $Web.URL -Interactive
        #Get All Lists from the web
        $Lists = Get-PnPList -Includes HasUniqueRoleAssignments
    
        #Exclude system lists
        $ExcludedLists = @("Content and Structure Reports","Form Templates","Images","Pages","Preservation Hold Library", "Site Pages", "Site Assets",
                             "Site Collection Documents", "Site Collection Images","Style Library","Reusable Content","Workflow History","Workflow Tasks")
              
        #Iterate through lists
        ForEach($List in $Lists)
        {
            #Filter Lists - Exclude System Lists, hiddenlists and get only lists with unique permissions
            If($List.Hidden -eq $False -and $ExcludedLists -notcontains $List.Title -and $List.HasUniqueRoleAssignments)
            {
                Write-host "`tFound a List '$($List.Title)' with Unique Permission at '$($List.RootFolder.ServerRelativeUrl)'" -f Green
            }
        }
    }
    #Call the function for Each Web
    Get-PnPSubWeb -Recurse -IncludeRootWeb | ForEach-Object { Get-PnPUniquePermissionLists($_)}    
 }

#Call the function
Get-UniquePermissionLists "https://Crescent.sharepoint.com/Sites/Marketing"

These scripts get you all lists and libraries with unique permissions. To delete unique permissions from SharePoint Online using PowerShell, use: SharePoint Online: Remove Unique Permissions from List using PowerShell

Salaudeen Rajack

Salaudeen Rajack - SharePoint Expert with Two decades of SharePoint Experience. Love to Share my knowledge and experience with the SharePoint community, through real-time articles!

Leave a Reply

Your email address will not be published. Required fields are marked *